package net.csdn.business.gateway.component;

import net.csdn.business.gateway.utils.ResponseUtils;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.server.authorization.ServerAccessDeniedHandler;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/**
 * 无权限访问被拒绝时的自定义处理器。如不自己处理，默认返回403错误<br>
 * 由于SpringGateWay基于WebFlux，所以SpringSecruity很多原有写法，都得改为WebFlux的方式才能生效！
 */
@Component
public class CustomAccessDeniedHandlerWebFlux implements ServerAccessDeniedHandler {
    @Override
    public Mono<Void> handle(ServerWebExchange serverWebExchange, AccessDeniedException e) {
        String msg="暂无权限！";
        String code="403";
        ServerHttpResponse response = serverWebExchange.getResponse();
        return ResponseUtils.webFluxResponseWriter(response, HttpStatus.FORBIDDEN, code,msg);
    }
}
